Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/cb3a53-0887-4c2a-9dd2-dd70fd679efb/1/_nmPbt4x9m-Ta66GoCSL7W3aCXA.roa
File:                     _nmPbt4x9m-Ta66GoCSL7W3aCXA.roa (raw, json)
Hash identifier:          wsX+V0PAFV7F2oDQvwdPmthk+UjW8yerleGDb5kvFzI=
Subject key identifier:   FE:79:8F:6E:DE:31:F6:6F:93:6B:AE:86:A0:24:8B:ED:6D:DA:09:70
Certificate issuer:       /CN=14c12729882d6fcc400d24c7a16191ebf79ad3ae
Certificate serial:       018CC3494C17174A11CFFC4E2B29C5ABBFAD
Authority key identifier: 14:C1:27:29:88:2D:6F:CC:40:0D:24:C7:A1:61:91:EB:F7:9A:D3:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMEnKYgtb8xADSTHoWGR6_ea064.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/cb3a53-0887-4c2a-9dd2-dd70fd679efb/1/_nmPbt4x9m-Ta66GoCSL7W3aCXA.roa
Signing time:             Mon 01 Jan 2024 04:30:09 +0000
ROA not before:           Mon 01 Jan 2024 04:30:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209141
IP address blocks:        5.180.92.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/cb3a53-0887-4c2a-9dd2-dd70fd679efb/1/FMEnKYgtb8xADSTHoWGR6_ea064.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/cb3a53-0887-4c2a-9dd2-dd70fd679efb/1/FMEnKYgtb8xADSTHoWGR6_ea064.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMEnKYgtb8xADSTHoWGR6_ea064.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 May 2024 13:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:4c:17:17:4a:11:cf:fc:4e:2b:29:c5:ab:bf:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c12729882d6fcc400d24c7a16191ebf79ad3ae
        Validity
            Not Before: Jan  1 04:30:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fe798f6ede31f66f936bae86a0248bed6dda0970
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ab:dd:22:34:0e:b8:25:b0:55:a2:8f:18:c7:
                    f2:21:12:55:a8:cc:65:21:63:7b:8d:58:a0:a7:cb:
                    a1:ec:0e:a2:cc:49:53:da:89:98:63:b4:c7:95:af:
                    d1:2d:66:5a:e4:76:63:f8:d9:75:cb:b6:09:51:de:
                    f2:41:23:eb:94:c9:3a:20:30:3d:9f:12:4e:4c:d1:
                    13:65:04:ff:76:77:be:20:2f:6f:a6:af:bc:f0:ff:
                    ac:ab:41:92:41:bf:16:fa:22:7d:13:cd:f6:5c:77:
                    ef:b0:52:c3:e5:28:40:3e:fc:22:89:47:30:4e:16:
                    75:e8:3b:ec:c8:52:30:bd:0f:c2:4c:87:14:77:03:
                    e4:4a:eb:51:e5:4e:9d:8f:e3:1b:6f:b8:d1:47:3a:
                    d5:d8:2a:2d:e1:31:86:b3:8c:f1:a5:04:99:9c:ca:
                    f6:53:79:92:6b:ff:b5:73:a9:db:49:6e:a5:79:1a:
                    b9:04:73:3b:82:0d:46:f2:e1:cf:40:7a:01:28:33:
                    8b:5e:50:02:26:45:a3:56:c9:09:47:9b:41:f9:c7:
                    2a:92:ce:d8:3d:e7:09:f2:ae:23:e2:75:69:92:9b:
                    ff:50:0e:c6:cf:1c:00:a4:d2:4d:8f:04:74:46:33:
                    bb:af:86:49:23:ed:8c:6e:d7:11:69:fd:86:f5:e0:
                    87:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:79:8F:6E:DE:31:F6:6F:93:6B:AE:86:A0:24:8B:ED:6D:DA:09:70
            X509v3 Authority Key Identifier:
                keyid:14:C1:27:29:88:2D:6F:CC:40:0D:24:C7:A1:61:91:EB:F7:9A:D3:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMEnKYgtb8xADSTHoWGR6_ea064.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cb3a53-0887-4c2a-9dd2-dd70fd679efb/1/_nmPbt4x9m-Ta66GoCSL7W3aCXA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cb3a53-0887-4c2a-9dd2-dd70fd679efb/1/FMEnKYgtb8xADSTHoWGR6_ea064.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:3f:ff:ce:e5:00:20:92:b7:07:5b:62:52:95:be:3a:cf:cf:
         04:20:79:f3:1a:7c:4c:99:2c:4d:e4:fc:5d:12:9b:57:cc:43:
         61:ae:da:21:cd:ca:9f:4c:ee:d3:03:9a:cf:8a:fa:b1:ab:32:
         af:c7:70:22:23:e4:1d:c0:06:24:08:0c:8f:b4:87:d6:61:43:
         4d:b6:44:88:32:ff:ea:06:86:17:49:95:4c:f1:cc:b4:9a:a9:
         e2:c1:8b:bb:04:a2:2b:19:6e:18:a0:2c:80:78:59:82:91:67:
         d6:51:05:51:36:4e:84:8b:24:50:a9:2f:91:5f:77:51:a9:a7:
         50:89:25:e5:e0:eb:8e:c5:52:59:40:19:e3:d7:55:58:c4:26:
         f9:c4:3b:9f:6f:d3:69:55:0a:af:75:50:ee:55:e4:2d:4c:9b:
         7a:a5:0d:b5:14:db:5d:fd:c3:30:a4:78:7d:74:d4:65:4d:ee:
         3e:69:95:28:ee:ea:4e:df:a7:ad:ed:68:f3:5e:66:58:40:f6:
         ea:25:37:43:27:54:33:9e:e5:42:39:b7:59:d8:2b:d9:9a:fa:
         5c:0f:ac:68:bc:de:ea:bf:36:a2:05:fb:b1:60:8a:a6:99:a1:
         53:21:7f:b3:ca:75:d5:e7:db:94:34:75:62:9e:c3:02:54:b9:
         06:bd:c2:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUwXF0oRz/xOKynFq7+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzEyNzI5ODgyZDZmY2M0MDBkMjRjN2ExNjE5MWViZjc5
YWQzYWUwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTc5OGY2ZWRlMzFmNjZmOTM2YmFlODZhMDI0OGJlZDZkZGEwOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6vdIjQOuCWwVaKPGMfyIRJVqMxl
IWN7jVigp8uh7A6izElT2omYY7THla/RLWZa5HZj+Nl1y7YJUd7yQSPrlMk6IDA9
nxJOTNETZQT/dne+IC9vpq+88P+sq0GSQb8W+iJ9E832XHfvsFLD5ShAPvwiiUcw
ThZ16DvsyFIwvQ/CTIcUdwPkSutR5U6dj+Mbb7jRRzrV2Cot4TGGs4zxpQSZnMr2
U3mSa/+1c6nbSW6leRq5BHM7gg1G8uHPQHoBKDOLXlACJkWjVskJR5tB+ccqks7Y
PecJ8q4j4nVpkpv/UA7GzxwApNJNjwR0RjO7r4ZJI+2MbtcRaf2G9eCHcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP55j27eMfZvk2uuhqAki+1t2glwMB8GA1UdIwQY
MBaAFBTBJymILW/MQA0kx6Fhkev3mtOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1FbktZZ3RiOHhBRFNUSG9XR1I2X2VhMDY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jYjNhNTMtMDg4Ny00YzJhLTlkZDIt
ZGQ3MGZkNjc5ZWZiLzEvX25tUGJ0NHg5bS1UYTY2R29DU0w3VzNhQ1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jYjNhNTMtMDg4Ny00YzJhLTlkZDItZGQ3MGZkNjc5ZWZi
LzEvRk1FbktZZ3RiOHhBRFNUSG9XR1I2X2VhMDY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbRcMA0G
CSqGSIb3DQEBCwUAA4IBAQAcP//O5QAgkrcHW2JSlb46z88EIHnzGnxMmSxN5Pxd
EptXzENhrtohzcqfTO7TA5rPivqxqzKvx3AiI+QdwAYkCAyPtIfWYUNNtkSIMv/q
BoYXSZVM8cy0mqniwYu7BKIrGW4YoCyAeFmCkWfWUQVRNk6EiyRQqS+RX3dRqadQ
iSXl4OuOxVJZQBnj11VYxCb5xDufb9NpVQqvdVDuVeQtTJt6pQ21FNtd/cMwpHh9
dNRlTe4+aZUo7upO36et7WjzXmZYQPbqJTdDJ1QznuVCObdZ2CvZmvpcD6xovN7q
vzaiBfuxYIqmmaFTIX+zynXV59uUNHVinsMCVLkGvcJy
-----END CERTIFICATE-----